Metro Link and Site-to-Site VPN tunnel for ASA 5500 series

Unanswered Question
Dec 21st, 2007

1) Cisco ASA Information

One is Cisco ASA 5505, the other is Cisco ASA 5510. ASA 5505 is local site, ASA 5510 is remote site. ASA 5505 is ASA 8.0(2) and ASDM 6.0(2). ASA 5510 is ASA 7.2(1) and ASDM 5.2(1).

2) Connection between local and remote site via Metro Link (100Mb). Set one Site-To-Site VPN Tunnel for the two ASA firewall, and disabled this VPN connection at present due to one Metro link is available.

3) I want to ask how can I do if this metro is down, the site-to-site VPN tunnel will enable automatically and if this Metro is up again, the Site-to-Site VPN tunnel will down automatically, in the matter of fact, I want to set as Primary and Secondary backup link.

Please everyone can help me, and recommended some tips, thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
borisloong Sun, 01/20/2008 - 18:23

I haven't configured EIGRP over the Metro link, I want to ask whether is running EIGRP over the Metro link if this environment,

In my environment, one ASA 5505 located at HK, one ASA 5505 located at HK datacentre, HK ASA has a 100Mb Metro link with HK datacentre, this Metro link is running, I want to ask if this Metro link is down, I want to set a backup link, for instance, Site-site VPN tunnel. Could you please tell me how to configure it, thanks.

borisloong Sun, 01/20/2008 - 20:51

in this environment in detail

UK ASA - one metro ethernet0/2 - 172.16.6.1/16, one inside ethernet0/1 - 192.168.6.1, static routes - metro is 10.128.23.0/24 gateway IP is 172.16.17.31, outside 0.0.0.0 0.0.0.0 210.218.255.256

HK ASA - one metro ethernet0/2 - 172.16.37.101/16, one inside ethernet0/1-7 - 10.128.23.121/24, static routes - 192.168.6.0/24 Gateway IP - 172.16.6.1, outside is 0.0.0.0 0.0.0.0 210.128.122.123

At present, One 100Mb Metro link is established between HK and UK. I want to ask if I want to configure one Site-to-Site VPN tunnel, To use only one ISP in HK, if this metro link is down, this VPN tunnel is established automatically, is this work? thanks

Actions

This Discussion